AMENDMENTS TO THE CLAIMS 

This listing of claims will replace all prior versions, and listings, of claims 
in the application: 

Listing of Claims: 

1 1 . (Currently amended) A method for sharing a security context for a given 

2 application client between different applications associated with the given 

3 application client on a database server, comprising: 

4 receiving a request at the database server through a database session 

5 between the database server and an application on a database client; 

6 looking up an identifier for the given application client that identifies a 

7 client of the application, wherein the identifier for the given application client 

8 identifies a user of the application that is sending the request to the database 

9 server, the identifier having been previously associated with the database session; 

1 0 using the identifier to look up the security context for the given application 

1 1 client within a storage area associated with the database server; 

12 wherein the security context includes attributes related to the given 

1 3 application client; 

14 wherein only applications associated with the given application client and 

1 5 not applications associated with other clients will receive the security context for 

16 the given client; 

1 7 receiving the security context for the given application client from the 

1 8 database client; 

19 inserting the security context into the storage area associated with the 

20 database server so that the security context can be indexed by the identifier for the 

2 1 given application client; 

2 
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22 performing a database operation to satisfy the request; 

23 wherein performing the database operation involves enforcing access 

24 rights associated with the security context; and 

25 allowing the given application client to use the same security context 

26 through a second application and a second database session by: 

27 receiving a second request at the database server through 

28 the second database session with the second application, 

29 looking up the identifier for the given application client, the 

30 identifier having been previously associated with the second 

3 1 database session, and 

32 using the identifier to look up the security context for the 

33 given application client within the storage area associated with the 

34 database server. 

1 2. (Original) The method of claim 1, wherein the request includes a 

2 database query directed to a database on the database server. 

1 3. (Original) The method of claim 2, wherein performing the database 

2 operation involves modifying the database query to enforce access rights 

3 associated with the security context. 

1 4 (Canceled). 

1 5. (Previously presented) The method of claim 1, 

2 wherein the database client is an application server that is sending the 

3 request to the database server; and 
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4 wherein the identifier for the given application client identifies an 

5 application session between the application on the application server and the 

6 client of the application. 

1 6. (Original) The method of claim 5 5 further comprising: 

2 receiving a request from the application to change the application session 

3 associated with the database session; and 

4 changing the application session associated with the database session. 

1 7. (Original) The method of claim 5, further comprising facilitating 

2 connection pooling by periodically changing the application session associated 

3 with the database session in order to channel requests associated with multiple 

4 application sessions through the database session. 

1 8-9 (Canceled). 

1 10. (Currently amended) A computer-readable storage medium storing 

2 instructions that when executed by a computer cause the computer to perform a 

3 method for sharing a security context for a given application client between 

4 different applications associated with the given application client on a database 

5 server, the method comprising: 

6 receiving a request at the database server through a database session 

7 between the database server and an application on a database client; 

8 looking up an identifier for the given application client that identifies a 

9 client of the application, wherein the identifier for the given application client 

10 identifies a user of the application that is sending the request to the database 

1 1 server, the identifier having been previously associated with the database session; 
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12 using the identifier to look up the security context for the given application 

13 client within a storage area associated with the database server; 

14 wherein the security context includes attributes related to the given 

1 5 application client; 

16 wherein only applications associated with the given application client md 

17 not applications associated with other clients will receive the security context for 

18 the given client; 

19 receiving the security context for the given application client from the 

20 database client; 

21 inserting the security context into the storage area associated with the 

22 database server so that the security context can be indexed by the identifier for the 

23 given application client; 

24 performing a database operation to satisfy the request; 

25 wherein performing the database operation involves enforcing access 

26 rights associated with the security context; and 

27 allowing the given application client to use the same security context 

28 through a second application and a second database session by: 

29 receiving a second request at the database server through 

30 the second database session with the second application, 

3 1 looking up the identifier for the given application client, the 

32 identifier having been previously associated with the second 

33 database session, and 

34 using the identifier to look up the security context for the 

35 given application client within the storage area associated with the 

36 database server. 
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1 11. (Original) The computer-readable storage medium of claim 10, 

2 wherein the request includes a database query directed to a database on the 

3 database server. 

1 12. (Original) The computer-readable storage medium of claim 1 1, 

2 wherein performing the database operation involves modifying the database query 

3 to enforce access rights associated with the security context. 

1 13 (Canceled). 

1 14. (Previously presented) The computer-readable storage medium of 

2 claim 10, 

3 wherein the database client is an application server that is sending the 

4 request to the database server; and 

5 wherein the identifier for the given application client identifies an 

6 application session between the application on the application server and the 

7 client of the application. 

1 15. (Original) The computer-readable storage medium of claim 14, 

2 wherein the method further comprises: 

3 receiving a request from the application to change the application session 

4 associated with the database session; and 

5 changing the application session associated with the database session. 

1 16. (Original) The computer-readable storage medium of claim 14, 

2 wherein the method further comprises facilitating connection pooling by 

3 periodically changing the application session associated with the database session 
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4 in order to channel requests associated with multiple application sessions through 

5 the database session. 

1 17-18 (Canceled). 

1 19. (Currently amended) An apparatus that facilitates sharing a security 

2 context for a given application client between different applications associated 

3 with the given application client on a database server, comprising: 

4 a receiving mechanism that is configured to receive a request at the 

5 database server through a database session between the database server and an 

6 application on a database client; 

7 wherein the receiving mechanism is further configured to receive the 

8 security context for the given application client from the database client; 

9 wherein the receiving mechanism is further configured to receive a second 

10 request at the database server through a second database session between the 

1 1 database server and a second application; 

12 a lookup mechanism that is configured to look up an identifier for an given 



13 application client that identifies a client of the application, wherein the identifier 

14 for the gi ven application client i dentifies a user of the application that is sending 

1 5 the request to the database server, the identifier having been previously associated 

1 6 with the database session; 

1 7 wherein the lookup mechanism is configured to use the identifier to look 

1 8 up the security context for the given application client within a storage area 

1 9 associated with the database server; 

20 wherein the lookup mechanism is further configured to look up the 

21 identifier for the given application client, the identifier having been previously 

22 associated with the second database session; 
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23 wherein the lookup mechanism is further configured to use the identifier to 

24 look up the security context for the given application client within the storage area 

25 associated with the database server; 

26 wherein the security context includes attributes related to the given 

27 application client; 

28 wherein only applications associated with the given application client and 

29 not applications associated with other clients will receive the security context for 

30 the given client; 

3 1 a security context initialization mechanism that is configured to insert the 

32 security context into the storage area associated with the database server so that 

33 the security context can be indexed by the identifier for the given application 

34 client; and 

35 a database engine that is configured to perform a database operation to 

36 satisfy the request; 

37 wherein performing the database operation involves enforcing access 

38 rights associated with the security context. 

1 20. (Original) The apparatus of claim 19, wherein the request includes a 

2 database query directed to a database on the database server. 

1 21. (Original) The apparatus of claim 19, wherein the database engine is 

2 configured to perform the database operation by modifying the database query to 

3 enforce access rights associated with the security context. 

1 22 (Canceled). 

1 23. (Previously presented) The apparatus of claim 19, 
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2 wherein the database client is an application server that is sending the 

3 request to the database server; and 

4 wherein the identifier for the given application client identifies an 

5 application session between the application on the application server and the 

6 client of the application. 

1 24. (Original) The apparatus of claim 23, wherein the receiving 

2 mechanism is additionally configured to receive a request from the application to 

3 change the application session associated with the database session; and 

4 further comprising a changing mechanism that is configured to change the 

5 application session associated with the database session in response to the request. 

1 25. (Original) The apparatus of claim 24, wherein the changing 

2 mechanism is further configured to facilitate connection pooling by periodically 

3 changing the application session associated with the database session in order to 

4 channel requests associated with multiple application sessions through the 

5 database session. 

1 26-27 (Canceled). 
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